- Identify the digital devices in your home or on your person that collect personally identifiable information.
- Describe the steps you can take to manage the information that these devices share across their personal, professional, and public networks.
- Critically examine the kind of information collected and stored on wearable devices, and recognize the value that these data have to others.
- Discuss the benefits of smart home devices such as digital assistants and smart speakers, along with the risks presented by the continued use of these devices.
- Recognize the threats and risks inherent in home networks—both wired and wireless—with respect to the potential for digital privacy breaches.
This chapter examines the impact of your digital, connected devices on the privacy of your personal information. In particular, this chapter identifies common digitally-connected devices found in most homes and the amount of data these devices have access to collect and share. Devices such as your home computer, laptop, tablet, and smartphone are discussed, along with less obvious devices such as webcams (both internal and external), external storage devices, smart appliances, and smart home management tools. Among those tools are connected video doorbells, home security and video surveillance cameras, thermostats, lighting, gaming consoles, and smart speakers (digital assistants).
In addition to the devices in your home, this chapter also explores the devices that you wear on your body or carry with you. Such devices include activity trackers, smartwatches, digital wallets, implants, smart glasses, GPS wayfinders, and medical devices. This chapter will also venture into a discussion on the privacy risks involved in home networks—namely wireless routers and access points, physical or virtual firewalls, and Bluetooth-connected devices.
Your Devices and Privacy—An introduction
The above introduction uses the term digital device. Definitions of devices vary, which warrants a section for the definition of key terms used in this chapter. It is suggested that readers create a chart or similar method of documenting new terms (and their definitions) and update this chart continuously while engaging with the chapters in this text. Alternatively, you can go to any online flashcard creator. I like brainscape.com for online flashcards and Anki for offline (but shareable) digital flashcards. Build your own custom flashcards and then share them with your colleagues, classmates, friends, and peers who are also interested in digital privacy.
A digital device is defined as any electronic device that uses digital technology to function. It is a device that can send, receive, store, and process data (information in binary form). The opposite of digital devices is analog devices—or devices that do not have/use embedded computers, CPU, microprocessors, microcontrollers, or embedded circuits. Analog devices are those that use manual switches, dials, and/or electrical power.
Many, but not all, digital devices have communication chips included that allow the device to connect either directly to the internet or to the main controller (that is on a network). There are many digital devices that cannot connect to anything. Take, for example, your old digital watch, alarm clock, or television as examples of devices that may not be connected. Your old car is another example; however, as society increasingly expects and demands a hyper-personalized digital experience, many of these traditional devices are now being manufactured with the ability to connect to other devices in the home as well as to the internet (or they are retrofitted).
Consider your own devices. How many are smart (connected) and how many are not? If you have smart devices in your home, for what reason did you purchase them?
Section 1: Mobile Devices and Privacy
Mobile devices, such as smartphones, laptops, tablets, portable hard drives and USB keys, can hold huge amounts of sensitive personal information. It’s important to take measures to protect the data on these devices from loss; theft; and threats, such as viruses and spyware (Office of the Privacy Commission of Canada, 2020).
Mobile devices collect incredible amounts of private information, including messages, emails, phone calls, location data, health information, banking/financial accounts, images and videos of a private/personal nature (e.g., pictures of your children or of your driver’s license), lists of tasks, contacts (friends, coworkers, family), your meetings, where and how you shop, which websites you visit, usernames and passwords, biometric information, and more. The list seems endless—and in some sense, it is, because you are constantly creating new data via your smartphone.
Try to make a list of the information you would categorize as private. Does your device need this information to function properly?
Managing Privacy Information on a Smartphone
“It’s hard to overstate how much of our personal lives we can potentially reveal to our smartphones.”
(Privacy Rights Clearinghouse, 2017)
Many computing devices—including smartphones—have a setting for the user to manage permissions. This is a function added to smartphones and other smart devices to allow the user some control over what data the device can collect, save, store, and share. On a smartphone, for example, permissions can be as granular as deciding which of your mobile apps can access your location, your contacts, your files (pictures, videos, emails, text messages), your cameras, and your microphone to record audio.
Locate the permissions setting on your phone. Look through which apps have what permissions. Any surprises? Do the apps on your phone need this access in order to function?
Note. App-based games will often require the user to grant permissions to the app before the game can be played. In fact, some apps harvest our data even when we deny them access to personal information and the situation seems to only be getting worse with each passing year (Mikalauskas, 2021, para. 2)
Similar settings can be found on your tablet, laptop, computer, fitness/activity tracker, and so on. Familiarize yourself with these settings. Many applications collect data about you (that they do not need) in order to sell that information to third-party marketing firms. The revenue from the sale of this data allows the app creator/provider to make a profit while providing the app at no cost to the consumer. Recent research by pcloud.com identified a number of mobile apps that tracked and shared/sold your data; Facebook, Instagram, and food delivery apps were among the top culprits (Dimitrov, 2021). This same study found that “52% of mobile apps share your data with third parties” (para.7).
Another method app vendors will employ to generate revenue is to offer free versions of their app, but they restrict functions and features to the paid version. There is some merit to paying for your privacy. In a recent article, Thorin Klosowski (2021) found that paid versions of apps “don’t have ads and so don’t benefit directly from collecting data about you” (para. 26).
Section 2: Computers and Operating Systems
In addition to all the newer digital devices, tools, and services, home desktop computers and laptops continue to increase in popularity (Alsop, 2022). Given the recent trend of workers completing their work from home, the demand for desktop computers and laptops has increased (Foran, 2021). Multiple studies report personal computers to be second only to smartphones in terms of personal computing device sales. In fact, according to PEW Research (2015), 80% of homes in the US had a personal computer. According to the United States Census Bureau data from 2018, that number rose to 92% of households that had at least one type of computer and 85% of homes had a broadband internet subscription.
In addition to the work-from-home trend brought about by the pandemic, the popularity of desktops and laptops can be attributed to increased use of personal computers for online gaming, streaming services (like Netflix), and the general belief that hard-wired internet is faster, safer, and more reliable than wireless communications (Paus, 2018). Computers run operating systems to facilitate the user interface. Windows 10 is the world’s most widely adopted operating system, running on three out of every four desktop computers and is installed on over 1.4 billion devices (Mehdi, 2020).
However, despite widespread—and increasing—adoption, personal computers and laptops are not without risks and challenges. For example, a) these devices are not as portable as tablets or smartphones; b) they must be connected by wired or wireless devices and cannot connect to mobile networks; c) they are usually large and often need dedicated room/space; and d) they are often shared among all users in the house, require constant/uninterrupted power, and can be expensive. Personal computers often require peripheral devices for users to efficiently operate, including a mouse, monitor, keyboard, webcam, speakers or headphones, external hard drives, and USB keys. Very few personal computers support touch screen interfaces, and therefore, require a higher level of digital literacy to operate. Lastly, and this is not unique to personal computers and laptops, they pose security risks to children who browse, watch, and chat with strangers online without supervision.
Protecting your Privacy on Personal Computers
There are alternatives to Windows operating systems, such as Linux distributions like Ubuntu, Linux Mint, and Zorin OS. Another option is to use virtual machine (VM) software, which allows a computer user to separate, isolate, and segregate (a process called sandboxing) their primary operating system from other, riskier tasks such as web browsing, downloading files, sharing files, and reading emails.
In order to protect your privacy in a personal/home computer, consider these suggestions:
- Use physical tools to cover devices like webcams and microphones.
- Make sure you lock or log out of your computer every time you step away from it.
- Install antivirus software (there are many options with minor differences) and/or the security measures built into the operating system (e.g., Windows Defender).
- Update your operating system and other software regularly.
- Use whole disk encryption on your PC and store your files on encrypted external hard drives using frequent backups (this protects against ransomware as well).
- Turn off your home router when you are asleep or away from home.
Witkowski (2022) suggests that the global pandemic is partially to blame for the massive growth of personal computers and operating system adoption as an unprecedented number of people were thrust into working from home. In what ways have working from home impacted personal privacy? What are the positive and negative privacy implications? Consider factors such as webcams, the confidentiality of information, cyber (or information) security, remote access and authentication, and stress levels.
Section 3: Wearable Devices and Privacy
In keeping with the suggestion that you collect key terms used in this chapter, let’s define another—often nebulous—technical term as we define and describe what is a wearable device. In this section, we will review wearable devices and other tools to secure your conversations, messages, and video calls.
Wearable devices (or simply wearables for short) go by many names, including wearables, fashion tech, fashion electronics, skin electronics, and tech togs. It is generally accepted that wearables are the devices you wear on your body—either directly on your skin or with your clothes—that store, collect, process, or share digital information. These are often worn for extended periods of time.
It is important to note that not all wearable devices are connected to the internet (IoT devices). Wearables include devices like fitness/activity trackers and step counters, smartwatches, MP3 players, smart glasses/eyewear, HMD/HUD, safety gear (personal alarms, fallen person), health tracking equipment (medical devices), smart jewelry, GPS locators (for children and vulnerable people), smart clothing, authentication/access control devices (to unlock a door, start a car, log into a computer), and workplace/employee trackers. According to Market Research Engine (2021), the wearables industry will exceed $95 billion globally by 2026.
Benefits of Wearable devices
Wearables have exponentially increased in popularity for a number of reasons. The primary driver to date has been healthcare and health benefits due to the highly personal and private information these devices can collect, analyze, and report. Wearables can measure fitness/activity levels, heart rate, blood pressure, positive reinforcement, movement reminders, and more.
There are also safety benefits to wearables, including location trackers, hands-free use, and personal alarms—also called panic alarms—that are either manually or automatically activated. For example, the Apple Watch now has fall detection (as shown in this Apple-watch commercial). The Apple Watch will also enter emergency mode, which causes the watch to display your medical information to first responders. Other examples of personal/panic wearables include the Ripple 24/7 personal/panic alarm and the Revolar device. Fall detection wearables specifically designed for seniors, such as Lifestation Mobile and SureSafeGo, are also increasing in popularity as the average age of Canadian citizens continues to rise (Statistics Canada, 2021b). Wearables for children are also gaining popularity (in terms of locating lost children), as are health devices that monitor blood sugar levels using continuous glucose monitors (CGMs).
Many wearables need to connect with a smartphone in order to maximize their functions and features. These connections usually rely on Bluetooth and then leverage the smartphone’s cellular or wi-fi connectivity to operationalize the data being recorded. This communication works both ways, with many wearables now able to display incoming calls and text messages to the user without the user needing to access their phone. Wearable providers rely on this app-to-wearable connection to collect data that can be monetized and/or analyzed to personalize the user experience.
A wearable connection to the internet—via the smartphone—leads to another tangible benefit, that of the ability to make payments using the wearable device. As we move to an increasingly cashless society (Holzhauer, 2020), wearables may be a factor in reducing the number of muggings and other financial crimes such as counterfeiting.
The last benefit to wearables—and perhaps the most obvious—is that they are portable. These devices and sensors are lightweight, inconspicuous, and connected. Many wearables double as fashion accessories, making these devices not only functional but fashionable as well. This, perhaps more than the other benefits listed above, are what Caldwell (2019) attributes to the popularity of wearable devices. In addition to being fashion accessories, wearables can now also be found in our clothing for health or activity monitoring, as evidenced by this example of GPS enabled sportswear for female athletes and body roll sensors for competitive swimmers.
Challenges with Wearable Devices
Although there are many benefits to wearables, they also come with some risks and challenges. From a privacy perspective, the foremost of these lies in the volume of personally identifiable and private data that wearables collect, track, analyze, and share. Examples include location history, health status and history, place of employment, financial information, microphones (calls/audio), cameras, search history, personal messages, contacts, and more. These devices were designed with an emphasis and priority on ease of use and functionality—not privacy or security. If compromised, the data of these devices could be sold or abused, which is what occurred in this article from HealthITSecurity.com (McKeon, 2021).
Other challenges with wearables include battery life, which can be short and reduced over time, requiring frequent charging. Wearables must also be worn or removed depending on activity, may interfere with or influence other electronic devices, can cause skin irritations, are often inaccurate (for example, step counters, heart rate, and even location), and are usually expensive—especially when the device is web-connected or Bluetooth-enabled. In fact, according to research by Gartner (2016), approximately one-third of users abandon their wearable devices due to perceived usefulness, boredom, or breakage.
As you reflect on the sections so far in this chapter, ask yourself the following questions:
- What is the horizon with respect to health/identity information, human augmentation, covert surveillance/scanning and location tracking?
- What are the privacy-protection options for wearable users? Are there indications that users can have either privacy or wearables, but not both?
- Consider subcutaneous implants and smart tattoos, or retail purchases via your device. Do these present different privacy risks?
- To what do you attribute the growth and popularity of wearable devices despite the privacy implications and risks to personally identifiable information?
- How might wearable devices be used in education?
As you reflect, consider the following scenario and your response to it:
Cynthia is pulled over because her smart/wearable device notified police that she was driving with a blood-alcohol level above the legal limit. The police officer states they would not have stopped the vehicle on suspicion of driver intoxication based on observations alone, and only stopped the vehicle because of the device’s report.
- Is this a violation of Cynthia’s privacy?
- Is this an ethical issue?
- Other than Public Safety, which other sectors/industries might use information like this?
Section 4: Smart Home Devices and Privacy
What is a smart home device? According to Qashlan et al. (2021), smart home devices are growing rapidly but pose significant privacy concerns. A smart home device can be defined as any electronic device that has data processing ability and the ability to connect to other devices, controllers, or networks (like the internet). These devices often automate tasks that were previously performed by a person and allow for a variety of user input/interface options, including physical buttons, voice commands, smartphone apps, sensor or time-based automation, or artificial intelligence.
You may see smart home devices also referred to as smart home gadgets. Examples include digital assistants, televisions, thermostats, doorbells, lights, vacuums, windows, fridges, electrical outlets, cameras, burglar alarms, exercise equipment, sound systems, toothbrushes, lawnmowers, lawn sprinklers, structural sensors, and even garage door openers. Smart home devices have risen to prominence in large part due to the homeowner’s desire to be aware of, but not necessarily responsible for, the operation of the many devices in the home. There are numerous benefits to smart home devices. A study by PEW Research Center (2017) found that “nearly one-in-five American households (18%) are hyper-connected—meaning they contain 10 or more of these devices” (para. 4).
Benefits of Smart Home Devices
Among the benefits of smart home devices is their capacity to save homeowners money on electricity, water, gas (heating) and other home operating costs. This is accomplished by raising awareness of utilities’ use, metering utilities during peak times, and turning powered devices on and off only when needed. An example is the Nest thermostat, which, upon detection (or manual input) that you have left work, turns on the heat in your home.
Beyond utilities, smart home devices also save money by being more efficient. For example, they can save you time by automating some tasks such as grocery shopping. Smart fridges can order from Amazon if they detect that groceries are low; autonomous vacuums can clean on a set schedule; lawnmowers can cut the grass when they detect that the grass is too long; and alarm clocks can monitor sleep patterns and raise or lower heat and lighting to maximize the quality of sleep. The list goes on.
Smart homes can also be safer and more secure through the use of controllers (hubs and smartphones), sensors, and security devices such as video surveillance cameras to monitor people and property. Intelligent lighting may create the illusion of occupancy, which is the #1 deterrent for a home break and enter. Smart homes also allow voice activation to emergency services such as calling 9-1-1. The data collected in a smart home can be a rich source of evidentiary data for law enforcement should an incident occur in or near the home. Through the connectivity to the home wireless network, many smart homes devices support remote management and monitoring, which for example, might be used by parents to know when their children are home safely or that someone is at the door.
Challenges to Smart Home Devices
Despite the tangible benefits that have contributed to the widespread adoption of smart home devices, they are not without risks and challenges—especially to personal privacy. Baucas et al. (2021) find that from a cybersecurity perspective, all of these connected devices greatly increase the attack surface (and therefore, the cyber vulnerabilities) that malicious actors may use to intrude on home networks.
Given the volume of personal data that these devices collect—often without the user’s knowledge or consent—there are significant privacy concerns should these devices be compromised. Popular examples of compromises include malicious actors surreptitiously recording audio and video, browser traffic, and more. Given the cyber risks to these devices, there is a need to upgrade hardware, software and firmware regularly.
Many smart home devices are battery-powered, so there is a need to replace batteries in order to maintain the power levels. Plug-in devices may suffer damage (both physical and digital) in the event of a power surge. There is also a need to assure and maintain the device’s connectivity to networks, controllers, and/or other devices. Some devices are expensive to purchase and require expertise to install and configure correctly—both initially and over time. Most devices are configured using a smartphone interface, which may pose a challenge to users who are not digitally-literate.
Privacy and Smart Home Devices
From baby monitors to smart TVs to digital assistants/smart speakers, there are devices in your home with the ability to record your personally identifiable information. Whether it is through the recording of information you send/receive/view, or audio/video activity in the home, the potential for personally identifiable information (PII) to be collected, stored, and shared by these devices must be addressed. One option to address privacy concerns is to read the cyber hardening guides of these devices (such as this guide from Axis Communications [PDF]), and only buy devices that provide this kind of security documentation.
As you read the guides, educate yourself if the language or steps are not clear. One of the first steps in cyber hardening a device is to ensure that the device’s software and firmware are updated. Make sure you only download updates from the manufacturer. Cyber hardening guides may also suggest that you unplug or remove batteries of devices when you are not using them for an extended period.
Another option is to visit sites like Mozilla’s Privacy Not Included which allow you to search a database of devices known to collect and share private information. Most smart home devices come with accompanying smartphone apps or QR codes linking you to company websites; however, many of these apps and websites will require you to share your personal information—often under the guise of warranty registration. Make informed decisions about using these apps and websites, and always confirm the app is not a third party. Many smart home devices require access to your home wireless network, which makes protecting your home’s wireless networks a critical step in privacy protection.
Celemnti (2021) cites a report released by Hub Entertainment Research which finds that 59% of smart speaker users have privacy concerns. In the article, Clementi quotes David Tice, senior consultant to Hub and co-author of the study, as saying “This new report shows just how pervasive voice control is, and how quickly consumers have embraced it, even if they have major privacy concerns” (para. 5). Voice control has significant benefits as well, so how do you make informed decisions about using smart home devices that support voice commands?
Section 5: Privacy and Home (Wireless) Networks
What is a network? In its simplest form, a network is any two (or more) machines or devices that share data and resources across a medium. Wireless networks, therefore, are networks that rely on radio frequencies (RF) and other wireless communication protocols to connect and communicate (send and receive data) between devices. Devices on a home network may be smart devices (called nodes) or dedicated networking hardware infrastructure machines such as routers, switches, and controllers. Wired networks are similar to wireless networks in their functions but require physical cables and electrical power. There are many types of home wireless networks and many different protocols that can be used for communication. Examples of wireless technologies include WiFi, ZigBee, Bluetooth, and WiMax. Users can identify a wireless network by its name or Service Set Identifier (SSID). Home wireless routers/networks primarily use two frequency bands, 2.4GHz and 5GHz. Both bands have been around for a long time, but the recent emergence of wireless devices that use the 2.4Ghz band has pushed 5Ghz wireless to the forefront.
There are also a variety of network topologies and types of networks that connect your small home network to a much larger network. These larger networks that you connect to can be private (such as your connection to your workplace’s corporate network) or public (such as the internet). Networks can be deployed in a variety of designs—each with different advantages and disadvantages. Common designs (also called layout, or topology) include star, bus, ring, mesh, tree, and hybrid designs. The components of your network depend on the number and types of devices connected to it. For example, you may have nodes (devices) such as computers, laptops, smartphones, controllers, routers, switches, hubs, firewall appliances, a connection medium (wired and/or wireless) and a protocol that regulates how all of these components interact.
The above provides a high-level summary of traditional home networks, but there are other types of networks. For example, satellite communication networks, Cellular communication networks (such as 3G, 4G, 4G LTE, and 5G—the “G” stands for generation), and directional radio frequencies (similar to broadcast radio in your car and two–way portable radios). Networks require a connection between a minimum of two computing devices but have no maximum. The largest network in the world is the internet. It is so large that many refer to the internet as a network of networks.
Whether the home network is wired or wireless, Statistics Canada (2021a) reports that 94% of homes in Canada have broadband internet access. This massive adoption speaks to the benefits of internet access—specifically wireless internet. Wireless networks are much cheaper to purchase and faster to deploy than wired networks. Most homes need only a router with a built-in modem to instantly connect to their internet service provider (ISP) such as Rogers, Telus, Bell, and Shaw. Interestingly, these routers that provide the home with wireless connectivity usually require a wired connection—often via a telephone cable or coaxial video cable. Once the router/modem is connected to the ISP, it will support connections—and therefore, internet access—to a multitude of devices within range of the router. A router’s range is dependent on several factors; however, an explanation of these factors falls outside the scope of this chapter.
Wireless networks are also more scalable than their wired counterparts and easier to upgrade, making wireless networks more future-proof, which, given the advances in networking technology, makes wireless the preferred option for most homes. The ubiquity and increasing number of smart home devices, wearables, smartphones, and IoT devices that require internet access—many of which do not support a wired connection—make wireless networks the logical choice (pun intended).
Of note is that most smartphones will automatically switch to a known wireless network, which creates significant cost savings to the owner, as cellular data (an alternative to home wireless) is expensive. Lastly, and from a security and privacy standpoint, wireless networks allow for communication on the network to be encrypted and password-protected, whereas, with wired networks, physical access overrides nearly all security measures in place.
Challenges with Wireless Networks
As has been the approach to each of the privacy tools and technologies discussed in this chapter, a discussion on the challenges to wireless networks is appropriate. Despite the significant affordances of wireless networks, there are still risks that need to be considered and addressed. For example, wireless networks are subject to interference with and from other electronic devices. This interference can interrupt or delay data transfer on the wireless network as well as result in incomplete data being received. Wireless networks, especially those on the 2.4Ghz bands, are often competing with other devices on the same frequency—including the microwave, wireless telephones, and all Bluetooth devices. This makes for a crowded frequency, which is why many home wireless networks offer a 5Ghz connection as an alternative. Many intelligence devices will switch to the faster of the two wireless networks.
Further, wireless networks have range limitations that can create dead spots (or locations with low-to-no wireless connectivity) in the home. Also, due to signal leakage outside the walls of the home, wireless is considered by many to be less secure than wired networks as physical access to the devices is not required. This makes it more difficult to secure all nodes on the network. In addition, many homeowners do not take precautions to secure their wireless networks, preferring to leave them as an open network for ease of access. Lastly from a security standpoint, given that the wireless network name is configurable, a user can easily connect to a malicious wireless network masquerading as a legitimate one. This is common in restaurants, hotels, and other locations that offer free, open wireless internet.
Privacy and Wireless Networks
Having examined the benefits and challenges of home wireless networks, you may be wondering where this conversation leaves you with respect to securing your private information. Good news! There are a number of strategies and tools to accomplish this.
The first is to leverage the best encryption your wireless controller (or router) supports. The most common wireless encryption protocols are WEP, WPA, WPA2, and WPA3. Of these, WPA3, which was released in 2018, is considered the most secure and is now the standard for all wireless communications due to its use of advanced encryption and session management.
However, WPA3 is not infallible, and vulnerabilities do exist. Consider turning off your home wireless router at night or when you are not at home as a means of reducing the attack surface of your home network. It is also highly recommended that you secure your home wireless network with a complex password and that you change it every 3-6 months. Wireless routers can also be set to not broadcast their SSID (network name), and many privacy and security-conscious homeowners choose this option. This adds a step in connecting new devices, but the security is worth the extra few minutes.
Consider using physical firewall devices or virtual software-based firewalls on your computers and other capable equipment. Set up sub-networks (also called virtual local area networks, or VLANs) for your smart devices as a way to separate them from your other computing devices. When using the internet on those computing devices, use a VPN (discussed in chapter 7 of this e-book) for your day-to-day browsing, banking, and retail purchases. Lastly, if you suspect there might be an issue with an intruder or malicious software slowing down your wireless network, you can log into the router using your laptop or PC and access the router’s configuration pages. These pages will tell you which devices are connected to your network and whether they are consuming your bandwidth.
Log into your home router’s main configuration page. You may need to do that by typing the router’s IP address into your web browser. To find the IP address, you may need to examine the router for stickers or read the documentation that came with the router. Alternatively, you can check online by Googling your router’s make and model along with the phrase “default IP.” You may also find the router’s default password (often admin or similar). Once you have access, browse to the configuration page that shows all active connections and historical connections. Do you recognize the names of every device in that list? Some of the names may be less clear than others. You will likely see laptops, tablets, smartphones, printers, smart home devices (TVs, video surveillance), and gaming consoles— depending on the devices in your home. Any surprises? Share the results with your peers.
After completing the above exercise, reflect on the scenario below. As you read, consider each of the sections in this chapter and if/how the content of those sections relates or applies to this scenario.
- How might the benefits of smart devices and home computing devices outweigh the privacy risks?
- To what degree does digital literacy impact a person’s ability to protect their privacy while also using smart devices?
- What smart devices are currently being used in your classrooms (or the classrooms of your peers)
- In what way can smart devices impact the private information of your students?
- Are you aware of any policies in your workplace that govern the use of smart devices?
Section 6: Future Technologies and their impact on Digital Privacy
This section of the chapter discusses the evolution of the privacy-related tools and technologies discussed in Chapter 6 and Chapter 7 of this e-book. Those chapters discussed current, relevant, and available technologies and services that have matured and been adopted by the consumer market. This section calls on learners to set their eyes on the future of specific digital technologies and see these technologies through the lens of digital privacy. As with the technologies discussed so far, the tools, technologies, systems, and services discussed in this chapter have equal potential to both compromise privacy and PII and to protect it.
This section of the chapter aims to increase your understanding of a number of technologies you may have heard of—and perhaps even studied—in your daily lives. This is accomplished by defining these technologies and examining their role in preserving and compromising your private information. The technologies selected for this part of the chapter are those which stand to have a significant impact on digital privacy. Throughout this chapter, you have encountered words, terms and definitions that were unfamiliar. It is hoped that you have documented these terms in a chart (or other documents) as suggested earlier in this chapter. That list/chart is about to grow! In this section, we discuss and define terms that include
- emerging technology (ET),
- virtual reality,
- augmented reality (AR),
- mixed reality,
- digital (or crypto) currencies,
- quantum computing,
- biometrics, and
- privacy certification.
When you read the words emerging technology which images come to mind? Perhaps you imagine technologies from popular media (books, video games, movies, and television) or something else entirely. According to Rotolo et al. (2015), emerging technologies are defined by five attributes: radical novelty, fast growth, coherence, prominent impact, and uncertainty and ambiguity. Mohanad Halaweh (2013) also posits that ET had certain characteristics such as uncertainty, network effect, unseen social and ethical concerns, cost, limitation to particular countries and a lack of investigation and research. Examples of ET include cryptocurrencies, robotics, drones and unmanned aerial vehicles (or UAV), persistent biometrics, human augmentation, quantum computing, nanotechnology, blockchain, augmented and virtual reality, artificial intelligence and machine learning, 5G and 6G wireless networks, and autonomous vehicles just to name a few. Can you think of any other emerging technologies?
Emerging Technology #1: Augmented and Virtual Reality
In this section, we examine the emergence in popularity of augmented reality and virtual reality, and if (or how) the widespread adoption of these technologies may impact your personal privacy. Let’s begin by defining these terms. Augmented reality is the superimposition (or overlay) of digital information over a physical space or objects in the real world (Berryman, 2012). Much like virtual reality, the gaming industry—combined with increased adoption and use of mobile devices and networks, provided the lift that augmented reality needed to rise to prominence. Popularized in the 1990s as a tool for jet pilots and astronauts to visualize flight, the first AR-based video games were launched in the early 2000s. A popular example of augmented reality can be found in the Pokemon Go mobile app, which launched in 2016 and remains today as one of the top mobile apps for gaming with over 1 billion downloads worldwide (Niantic & Nintendo, 2021). Other factors contributing to augmented reality’s meteoric rise come from Hollywood movies, some vehicles, museums, televised sports (e.g., the first down line in NFL games) and a myriad of mobile apps.
At its inception, augmented reality required a head-mounted display (HMD) to see the augmentation to reality, but this can now be done through glasses, cameras on mobile devices like tablets and smartphones. AR is also popular in education (remote instruction, libraries, etc.) as a tool to allow students to experience places and things—both past and present—and learn about them visually. For example, Google has an app that will allow learners to see animals—including extinct ones—superimposed on the real environment.
Augmented reality is a fascinating technology, but it is often confused with virtual reality. According to Berryman (2012), virtual reality is the technology that creates a fully immersive digital or computer-created environment. Whereas AR superimposes digital information on the physical world, VR places you in a fully digital environment—as a substitute for, or replacement of, the real world. In virtual reality, the entire space (and everything in it) is virtual, digital, or a simulation of reality—affording users a full immersion of sensory experience (Jia & Chen, 2017).
While the concept of VR is not new, it is an emerging technology with respect to the adoption and evolution of the uses, markets and educational applications. Similar to AR, VR requires an HMD and other hardware for the users to interact with the virtual environment. In addition to an HMD, VR hardware may include haptic gloves and suits, handheld controllers and cameras in the room to observe and re-create your movements in the virtual space. Haptic gear is especially important to virtual environments as it allows the user to also feel (not just see and hear) the virtual world. In essence, advanced virtual reality systems can simulate and stimulate each sensory input.
In addition to gaming, VR has been used in education for years, with research showing increased time on task for learners, motivation, deeper learning, and long-term retention, yet barriers to adoption persist (Kavanagh et al., 2017). In the educational context, VR has been used to enrich the learning environment in many ways. Read the article How VR In Education Will Change How We Learn And Teach for more information on the benefits of immersive 3D learning.
According to Kavanagh et al. (2017), “recently consumer interest in VR has sparked a wide range of new and often crowdfunded virtual reality devices” (p. 104). New VR products are emerging daily, including products like Microsoft HoloLens, Facebook’s Oculus Rift/Quest, HTC Vive, Playstation VR (for gaming), and HP Reverb. Similar to AR, much of the resurgence of the popularity of VR has been attributed to the gaming industry (Lindbergh, 2021) but has also migrated to other industries such as health and fitness, retail, and social media.
AR/VR and Privacy
The convergence of VR with social networks has begun. Social networks are an arena where privacy and private information are exchanged freely – often without the user realizing they are doing so (O’Brolcháin et al., 2016). These technologies present threats to informational privacy, physical privacy, and associational privacy. In learning, VR Learning Environments (VRLE) collect private information such as health/body data through sensors, voice patterns, associations, and location data (Gulhane et al., 2019). In VR, recordings of the physical space occupied by a user can also reveal and share private information (Roesner et al., 2014).
Emerging Technology #2: Cryptocurrencies and the Use Of Blockchain Technology
Cryptocurrencies, also called digital currencies, are a form of currency that is a digital artifact (asset). Its value is derived from the use of mathematical algorithms called cryptography. Cryptocurrencies are nearly impossible to counterfeit/duplicate due to the uniqueness of their binary code combined with the tracking of that currency, which uses a companion technology called blockchain. Unlike traditional currency, whose value is backed by a central bank or government, cryptocurrencies are decentralized, meaning they are not endorsed, printed, or regulated by an individual entity. Despite the benefits (portability, inflation resistance, divisibility, and transparency), cryptocurrency adoption has been slow—possibly due to the volatility of their value and their association with criminal activity. Bitcoin is the most popular cryptocurrency; other examples include Ethereum, Litecoin, Binance Coin, ZCash, and Tether.
A blockchain is a type of database that stores digital information (data) in blocks that are chained together in chronological order (the order they were created). These data can be any kind of information (financial transactions, student grades, medical data, identity credentials, copyrights, voting, supply chain monitoring, loyalty points, or insurance). Like cryptocurrency, blockchain is a decentralized technology (meaning no single group or user has control). It relies on replication/confirmation across many computers to validate, manage, and record transactions (Skiba, 2017). Therefore, a major benefit of blockchain technology is its security. Once entered into the blockchain, records cannot be deleted. All records are immutable (permanent) and viewable by anyone, which plays a significant role in reducing fraud and other criminal activity.
Blockchain in Education
Blockchains can be used to track student progress in a course/program over time and assure the integrity of grades, badges, certificates, academic credentials, and transcripts. It can also be used for file storage for collaborative/group projects, and in the cloud as well. Blockchain can reduce the cost of education by decreasing administrative costs surrounding loans, scholarships, tuition payments, purchasing materials/books, and there are fewer barriers to accessing content. It can reduce administrative costs for libraries as they can track and recover unpaid fines.
Authors and publishers can track how their research is being used while concurrently protecting their intellectual property. Blockchains can be used to verify and validate student security by confirming their attendance on field trips, buses, and ridesharing. Blockchain also supports the creation of educational marketplaces where students can learn anything from anyone via the blockchain. Lastly, blockchains can be used for tracking the integrity of student assessments and grades (Delgado-von-Eitzen et al., 2021; Black et al., 2019).
Privacy Considerations Of Blockchain Technology
Since one of the most appealing elements of the blockchain is transparency, privacy can be impacted unless data are kept on the blockchain in encrypted form (Alammary et al., 2019). According to Chowdhury et al. (2018), while the process for adding information to the blockchain – and the identity of the author – uses encryption to ensure the integrity of the data, the data/content of the entry is not encrypted. This could lead to private information being shared in the blockchain. Further, due to the nature of blockchain’s reliance on public keys, the public key of the blockchain user is visible, which can be an issue if that key type has known vulnerabilities.
Emerging Technology 3: Drones, Robotics, and Automation
Perhaps one of the most well-known but poorly defined terms in digital technology is the word robot. Robotics is a field that is often defined by its depiction in popular media, but the actual definition of a robot is highly complex (LaFrance, 2016). Depending on the person, this term evokes images of everything from humanoid robots like C3PO in Star Wars to manufacturing robots to robots that vacuum the carpet in your home. In the interest of clarity in this section, let’s agree on a definition. A robot is generally defined as any automated machine that executes a specific task, or a number of complex tasks (usually tasks performed by a human) with speed, accuracy, and precision without the need for human intervention. Rather, robots are either controlled externally (e.g., a human or system tells the robot what to do), or internally (e.g., using a combination of sensors and internal programming).
As with the other technologies discussed in this chapter, robotics play a role in education—both as a topic to be learned and as instruments in the learning process. In fact, learning about robotics as a field of study has increased in popularity due, in part, to the adoption of STEM programs by many education boards and institutions (Miller & Nourbakhsh, 2016). Learning with robots is also on the rise; however, where the robot is supporting the learner directly (e.g., as a simulated teacher) or indirectly (e.g., creating an adaptive simulation like driver training).
Robotics in popular media have been closely linked with artificial intelligence (AI) and machine learning (ML), resulting in many doomsday depictions of malicious robots and machines causing harm to humans; however, robotics are being used to support humans in critical ways, including conducting medical surgery, assisting with dangerous or repetitive tasks, and safe driving vehicles. It is important to note that not all robots are physical objects. They can also be computer programs or other digital constructs.
The above mention of artificial intelligence and machine learning highlights a critical area for discussion with respect to emerging technologies and digital privacy. While outside the scope of this chapter, other technologies that stand to impact digital privacy in the near future include biometrics—specifically as a primary means of identity presentation and management, human augmentation, or wearable robotics, and quantum computing—which represents the next evolution of the computer. Each of these technologies, and their potential role in preserving or infringing on digital privacy, need to be part of the discussion when considering the horizons of digital privacy.
Passionate about Privacy? Take your privacy knowledge to the next level
The final section of this chapter discusses a few options for those readers who wish to take their privacy knowledge further by earning an industry-recognized certification. One of the most recognized privacy certifications in Canada comes from the International Association of Privacy Professionals (IAPP). The certification is called the Certified Information Privacy Professional/Canada (or the CIPP/C). According to the IAPP website, the CIPP/C certification is the global standard for people wishing to demonstrate their expertise in privacy laws, regulations and frameworks (n.d.). The IAPP also offers the Certified Information Privacy Manager (CIPM) certification, which takes a more management-centric approach that focuses on the operations side of privacy. The Certified Information Privacy Technologist (CIPT) certification is geared at those who understand the technological aspects of data protection, privacy, software engineering, IT and information security.
In chapter 5, we discussed the General Data Protection Regulations (GDPR), and there is a privacy certification that is GDPR-centric; it’s called the PECB Certified Data Protection Officer certificate. According to the PECB (n.d.) website, completion of this certification proves that you possess the professional capabilities and practical knowledge to advise the controller and the processor on how to meet their obligations regarding GDPR compliance.
The Privacy and Access Council of Canada (PACC) offers certifications that claim to set the standard of excellence for the data protection profession (n.d.). They offer three privacy certifications of increasing difficulty: the Associate Access and Privacy Professional (AAPP), the Chartered Access and Privacy Professional (CAPP), and the Master Access and Privacy Professional (MAPP). Each of these certifications is valid for three years and requires the holder to complete additional, continuing professional development.
Finally, the Canadian Institute of Access and Privacy Professionals (CIAPP) offers an impressive certification called the Information Access and Protection of Privacy (IAPP) Certificate. Completion of this certificate program allows the holder to be deemed CIAPP-certified. Unlike some competing privacy certification providers who are profit-based, CIAPP is a non-profit organization that claims, “We are not about scaring individuals into becoming certified for any reason other than their own desire to be recognized and support our great profession” (CIAPP, 2021, para. 6).
There are a number of Canadian colleges and universities that offer certificates and courses in privacy protection, privacy management, and other, similar titles. There are also a number of vendor-neutral IT certification organizations that offer data protection certifications, including the Certified Data Privacy Solutions Engineer (CDPSE) from ISACA (n.d.) and ISC² offers a privacy certification that is specific to healthcare, called the HealthCare Information Security and Privacy Practitioner (HCISPP) certification (n.d.). As you can see, these certifications range from the general to the highly specific depending on the environment and context in which you work.
Alammary, A., Alhazmi, S., Almasri, M., & Gillani, S. (2019). Blockchain-based applications in education: A systematic review. Applied Sciences, 9(12), 2400. https://doi.org/https://doi.org/10.3390/app9122400
Alsop, T. (2022, January 10). Notebook, desktop PC, and tablet shipments worldwide from 2010 to 2025. Statista. https://www.statista.com/statistics/272595/global-shipments-forecast-for-tablets-laptops-and-desktop-pcs/
Baucas, M. J., Gadsden, S. A., & Spachos, P. (2021). IOT-based Smart Home Device Monitor using private blockchain technology and localization. IEEE Networking Letters, 3(2), 52–55. https://doi.org/https://doi.org/10.1109/lnet.2021.3070270
Berryman, D. R. (2012). Augmented reality: A Review. Medical Reference Services Quarterly, 31(2), 212–218. https://doi.org/https://doi.org/10.1080/02763869.2012.670604
Black, M., Donelan, L., Higgins, T., Koenig, N., Lenzen, B., Muniz, N., Patel, K., Pfeiffer, A., Taylan, A., Thomas, A., & Wernbacher, T. (2019). From learning to assessment. Utilizing blockchain technologies in gaming environments to secure learning outcomes and test results. MCAST Journal of Applied Research & Practice, 3(2), 172–192. https://doi.org/https://doi.org/10.5604/01.3001.0014.4395
Caldwell, A. (2019, February 22). Technology and fashion unite as the wearable market matures. Newsroom. https://www.mastercard.com/news/press/2019/february/technology-and-fashion-unite-as-the-wearable-market-matures/
Canadian Access and Privacy Association (CIAPP). (n.d.). Certification FAQ. http://www.ciapp.ca/faq%20page.htm
Chowdhury, M. J. M., Colman, A., Kabir, M. A., Han, J., & Sarda, P. (2018). Blockchain versus database: A critical analysis. 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE), 1348–1353. https://doi.org/https://doi.org/10.1109/trustcom/bigdatase.2018.00186
Clementi, A. (2020, January 21). 59 per cent of smart speaker users have privacy concerns – report. Mobile Marketing. https://mobilemarketingmagazine.com/59-per-cent-of-smart-speaker-users-have-privacy-concerns-report-
Delgado-von-Eitzen, C., Anido-Rifón, L., & Fernández-Iglesias, M. J. (2021). Blockchain applications in Education: A systematic literature review. Applied Sciences, 11(24), 11811. https://doi.org/https://doi.org/10.3390/app112411811
Dimitrov, I. (2021, March 5). Invasive apps. pCloud. https://www.pcloud.com/invasive-apps
Firmbee. (2015, January 20). Digital devices [Photograph]. Unsplash. https://unsplash.com/photos/OP2EQ5g-Zkw
Foran, P. (2021, September 24). Desktop computers make comeback as people continue to work from home. CTV News. https://toronto.ctvnews.ca/desktop-computers-make-comeback-as-people-continue-to-work-from-home-1.5599828
Gartner, Inc. (2016, December 07). Gartner survey shows wearable devices need to be more useful. https://www.gartner.com/en/newsroom/press-releases/2016-12-07-gartner-survey-shows-wearable-devices-need-to-be-more-useful
Gulhane, A., Vyas, A., Mitra, R., Oruche, R., Hoefer, G., Valluripally, S., Calyam, P., & Hoque, K. A. (2019). Security, privacy and safety risk assessment for Virtual Reality Learning Environment Applications. 2019 16th IEEE Annual Consumer Communications & Networking Conference (CCNC), 1–9. https://doi.org/10.1109/ccnc.2019.8651847
Halaweh, M. (2013). Emerging technology: What is it?. Journal of Technology Management & Innovation, 8(3), 19–20. https://doi.org/http://dx.doi.org/10.4067/S0718-27242013000400010
Holzhauer, B. (2020, October 22). The pandemic is fast forwarding us to a cashless society—and making life harder for the unbanked. Forbes. https://www.forbes.com/sites/advisor/2020/10/22/the-pandemic-is-fast-forwarding-us-to-a-cashless-society-and-making-life-harder-for-the-unbanked/?sh=1a5bbec7f1fb
International Association of Privacy Professionals (IAPP). (n.d.). The value of certification. https://iapp.org/certify/
ISACA. (n.d.). Validate your expertise. Boost your IT profile. https://www.isaca.org/credentialing/certified-data-privacy-solutions-engineer
(ISC)², Inc. (n.d.). HCISPP – The HealthCare Security Certification. https://www.isc2.org/Certifications/HCISPP
Jia, J., & Chen, W. (2017). The ethical dilemmas of virtual reality application in entertainment. 22017 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC), 696-699. https://doi.org/https://doi.org/10.1109/cse-euc.2017.134
Kavanagh, S., Luxton-Reilly, A., Wuensche, B., & Plimmer, B. (2017). A systematic review of Virtual Reality in education. Themes in Science & Technology Education, 10(2), 85–119. https://doi.org/https://files.eric.ed.gov/fulltext/EJ1165633.pdf
Klosowski, T. (2021, May 6). We checked 250 iPhone apps—this is how they’re tracking you. Wirecutter Inc. https://www.nytimes.com/wirecutter/blog/how-iphone-apps-track-you/
LaFrance, A. (2016, March 22). What is a robot?. The Atlantic. https://www.theatlantic.com/technology/archive/2016/03/what-is-a-human/473166
LeFebvre, D. (2018, December 19). Digital thermostat [Photograph]. Unsplash. https://unsplash.com/photos/RFAHj4tI37Y
Lindbergh, B. (2021, January 12). Waiting for the future of virtual reality. The Ringer. https://www.theringer.com/2021/1/12/22226387/virtual-reality-playstation-xbox-oculus
Market Research Engine. (2021, February 11). Wearable devices market research report (report ID: SEWDM717). https://www.marketresearchengine.com/wearable-devices-market?mod=article_inline
Mehdi, Y. (2020, March 16). Windows 10: Powering the world with 1 billion monthly active devices. Windows Experience Blog. https://blogs.windows.com/windowsexperience/2020/03/16/windows-10-powering-the-world-with-1-billion-monthly-active-devices/
McKeon, J. (2021, September 1). 61M Fitbit, Apple users had data exposed in wearable device data breach. Patient Privacy News. https://healthitsecurity.com/news/61m-fitbit-apple-users-had-data-exposed-in-wearable-device-data-breach
Mikalauskas, E. (2021, March 17). Android apps are asking for too many dangerous permissions. Here’s how we know. CyberNews. https://cybernews.com/privacy/android-apps-are-asking-for-too-many-dangerous-permissions-heres-how-we-know/
Miller D.P., Nourbakhsh I. (2016) Robotics for education. In B. Siciliano, & O. Khatib (Eds.), Springer handbook of robotics (pp. 2115-2134). Springer, Cham. https://doi.org/10.1007/978-3-319-32552-1_79
Niantic Inc., & Nintendo/Creatures Inc./GAME FREAK Inc. (2021). Pokémon GO [Mobile App]. Apple App Store. https://apps.apple.com/us/app/pok%C3%A9mon-go/id1094591345
Office of the Privacy Commissioner of Canada. (2020, August 20). Smart devices and your privacy. https://www.priv.gc.ca/en/privacy-topics/technology/02_05_d_72_iot/
O’Brolcháin, F., Jacquemard, T., Monaghan, D., O’Connor, N., Novitzky, P., & Gordijn, B. (2015). The convergence of virtual reality and social networks: Threats to privacy and autonomy. Science and Engineering Ethics, 22(1), 1–29. https://doi.org/https://doi.org/10.1007/s11948-014-9621-1
Paus, L. (2018, May 2). Wi‑Fi or Ethernet: Which is faster and which is safer?. WeLiveSecurity. https://www.welivesecurity.com/2018/05/02/wifi-ethernet-faster-safer/
Pew Research Center. (2015, March 19). Internet seen as positive influence on education but negative on morality in emerging and developing nations. https://www.pewresearch.org/global/2015/03/19/1-communications-technology-in-emerging-and-developing-nations/
Pew Research Center. (2017, May 25). A third of Americans live in a household with three or more smartphones. https://www.pewresearch.org/fact-tank/2017/05/25/a-third-of-americans-live-in-a-household-with-three-or-more-smartphones/
Privacy & Access Council of Canada (PACC). (n.d.). Certification. https://pacc-ccap.ca/certification/?cn-reloaded=1
Privacy Rights Clearinghouse. (2017, December 19). Smartphone privacy. https://privacyrights.org/consumer-guides/smartphone-privacy
Professional Evaluation and Certification Board (PECB). (n.d.). GDPR – Certified Data Protection Officer. https://pecb.com/en/education-and-certification-for-individuals/gdpr/certified-data-protection-officer
Qashlan, A., Nanda, P., He, X., & Mohanty, M. (2021). Privacy-preserving mechanism in smart home using blockchain. IEEE Access, 9, 103651–103669. https://doi.org/https://doi.org/10.1109/ACCESS.2021.3098795
Roesner, F., Kohno, T., & Molnar, D. (2014). Security and privacy for Augmented Reality Systems. Communications of the ACM, 57(4), 88–96. https://doi.org/https://doi-org.uproxy.library.dc-uoit.ca/10.1145/2580723.2580730
Rotolo, D., Hicks, D., & Martin, B. (2015). What is an emerging technology? Research Policy, 44(10), 1827–1843. https://doi.org/https://doi.org/10.1016/j.respol.2015.06.006
Shaabana, N. (2019, March 01). Smartwatch [Photograph]. Unsplash. https://unsplash.com/photos/m7K2P1cIf2c
Sortino, J. (2017, February 27). Future technology [Photgraph]. Unsplash. https://unsplash.com/photos/LqKhnDzSF-8
Skiba, D. J. (2017). The potential of blockchain in education and health care. Nursing Education Perspectives, 38(4), 220–221. https://doi.org/https://doi.org/10.1097/01.nep.0000000000000190
Statistics Canada. (2021a, May 31). Access to the internet in Canada, 2020. https://www150.statcan.gc.ca/n1/daily-quotidien/210531/dq210531d-eng.htm
Statistics Canada. (2021b, September 29). Canada’s population estimates: Age and sex, July 1, 2021. https://www150.statcan.gc.ca/n1/daily-quotidien/210929/dq210929d-eng.htm
United States Census Bureau. (2021, October 08). Computer and internet use in the United States: 2018. https://www.census.gov/newsroom/press-releases/2021/computer-internet-use.html
Witkowski, W. (2022, January 15). The pandemic PC boom gave personal computers their biggest year in nearly a decade. MarketWatch. https://www.marketwatch.com/story/the-pandemic-pc-boom-gave-personal-computers-their-biggest-year-in-nearly-a-decade-11642013463